php会话ID无故更改

Question

我目前在Wamp上使用Valum的文件上传器，一切都一直顺利到现在。在上传器的php文件中，我通过从会话数据读取获取当前用户，将上传的文件保存到当前用户的文件夹中。但是，每次我称它为某个未知的原因时，它都会创建一个新的会话。我已经检查过这些cookies，并返回了正确的会话。我也检查了session_id()，它也返回了正确的会话。但是，由于某种原因它总是会创建一个新会话。我甚至用session_id()函数明确设置了会话ID。但是，这些都不适用于某些原因。它会返回正确的ID，但不会保存到正确的ID。任何人都知道这是为什么发生？

下面是改性Uploader.php代码。

<?php 
//if (!empty($_COOKIE['PHPSESSID'])){ 
session_id($_COOKIE['PHPSESSID']); 
session_start(); 
//} 
if(isset($_SESSION['id'])){ 
/** 
* Handle file uploads via XMLHttpRequest 
*/ 


class qqUploadedFileXhr { 
    /** 
    * Save the file to the specified path 
    * @return boolean TRUE on success 
    */ 
    function save($path) {  
     $input = fopen("php://input", "r"); 
     $temp = tmpfile(); 
     $realSize = stream_copy_to_stream($input, $temp); 
     fclose($input); 

     if ($realSize != $this->getSize()){    
      return false; 
     } 

     $target = fopen($path, "w");   
     fseek($temp, 0, SEEK_SET); 
     stream_copy_to_stream($temp, $target); 
     fclose($target); 

     return true; 
    } 
    function getName() { 
     return $_GET['qqfile']; 
    } 
    function getSize() { 
     if (isset($_SERVER["CONTENT_LENGTH"])){ 
      return (int)$_SERVER["CONTENT_LENGTH"];    
     } else { 
      throw new Exception('Getting content length is not supported.'); 
     }  
    } 
} 

/** 
* Handle file uploads via regular form post (uses the $_FILES array) 
*/ 
class qqUploadedFileForm { 
    /** 
    * Save the file to the specified path 
    * @return boolean TRUE on success 
    */ 
    function save($path) { 

     if(!move_uploaded_file($_FILES['qqfile']['tmp_name'], $path)){ 
      return false; 
     } 
     return true; 
    } 
    function getName() { 
     return $_FILES['qqfile']['name']; 
    } 
    function getSize() { 
     return $_FILES['qqfile']['size']; 
    } 
} 

class qqFileUploader { 
    private $allowedExtensions = array(); 
    private $sizeLimit = 10485760; 
    private $file; 
    function __construct(array $allowedExtensions = array(), $sizeLimit = 10485760){   
     $allowedExtensions = array_map("strtolower", $allowedExtensions); 

     $this->allowedExtensions = $allowedExtensions;   
     $this->sizeLimit = $sizeLimit; 

     $this->checkServerSettings();  

     if (isset($_GET['qqfile'])) { 
      $this->file = new qqUploadedFileXhr(); 
     } elseif (isset($_FILES['qqfile'])) { 
      $this->file = new qqUploadedFileForm(); 
     } else { 
      $this->file = false; 
     } 
    } 

    private function checkServerSettings(){   
     $postSize = $this->toBytes(ini_get('post_max_size')); 
     $uploadSize = $this->toBytes(ini_get('upload_max_filesize'));   

     if ($postSize < $this->sizeLimit || $uploadSize < $this->sizeLimit){ 
      $size = max(1, $this->sizeLimit/1024/1024) . 'M';    
      die("{'error':'increase post_max_size and upload_max_filesize to $size - Upload size: $uploadSize, postSize: $postSize, sizeLimit: $this->sizeLimit'}");  
     }   
    } 

    private function toBytes($str){ 
     $val = trim($str); 
     $last = strtolower($str[strlen($str)-1]); 
     switch($last) { 
      case 'g': $val *= 1024; 
      case 'm': $val *= 1024; 
      case 'k': $val *= 1024;   
     } 
     return $val; 
    } 

    /** 
    * Returns array('success'=>true) or array('error'=>'error message') 
    */ 
    function handleUpload($uploadDirectory, $replaceOldFile = FALSE){ 
     if (!is_writable($uploadDirectory)){ 
      return array('error' => "Server error. Upload directory isn't writable."); 
     } 

     if (!$this->file){ 
      return array('error' => 'No files were uploaded.'); 
     } 

     $size = $this->file->getSize(); 

     if ($size == 0) { 
      return array('error' => 'File is empty'); 
     } 

     if ($size > $this->sizeLimit) { 
      return array('error' => 'File is too large'); 
     } 

     $pathinfo = pathinfo($this->file->getName()); 
     $filename = $pathinfo['filename']; 
     //$filename = md5(uniqid()); 
     $ext = $pathinfo['extension']; 

     if($this->allowedExtensions && !in_array(strtolower($ext), $this->allowedExtensions)){ 
      $these = implode(', ', $this->allowedExtensions); 
      return array('error' => 'File has an invalid extension, it should be one of '. $these . '.'); 
     } 

     if(!$replaceOldFile){ 
      /// don't overwrite previous files that were uploaded 
      while (file_exists($uploadDirectory . $filename . '.' . $ext)) { 
       $filename .= rand(10, 99); 
      } 
     } 

     if ($this->file->save($uploadDirectory . $filename . '.' . $ext)){ 
      return array('success'=>true,'file'=>$filename . '.' . $ext); 
     } else { 
      return array('error'=> 'Could not save uploaded file.' . 
       'The upload was cancelled, or server error encountered'); 
     } 

    }  
} 

// list of valid extensions, ex. array("jpeg", "xml", "bmp") 
$allowedExtensions = array(); 
// max file size in bytes 
$sizeLimit = 8 * 1024 * 1024; 

$uploader = new qqFileUploader($allowedExtensions, $sizeLimit); 
$result = $uploader->handleUpload("../users/".$_SESSION['id']."/uploads/"); 
// to pass data through iframe you will need to encode all html tags 
echo htmlspecialchars(json_encode($result), ENT_NOQUOTES); 
}else{ 
    echo json_encode(array('error'=>session_id())); 
    //echo '{"error":"You are not logged in. Please log in to upload files."}'; 
} 
?> 

更新 我现在看到的东西有点不同寻常。它似乎是复制会话并留下旧的会话文件 - 就像session_regnerate_id()一样。但是，我的代码中没有任何地方。

Answer 1

我有同样的问题，在我的情况下，插入该行...

ini_set('session.use_strict_mode', 0); 

...对前session_start()解决它。